SHOR'S ALGORITHM FROM THE MINDSET 
OF QUANTUM ORACLES 




The aim of this work is to show a brand-new way of making determin- 
istic Quantum Computing (short QC), in the sense of Theory of Calcula- 
bility, by meaning of unitary evolution. We start from the original Shor's 
Algorithm to explain how the newest one works, at least compared to 
theory. We will give a new conceptual foundation of QC, resulting from a 
set of conventional and well known results of Calcolability and Quantum 
Mechanics. In the practice, if that can be used in its general sense, we 
will show an inaccessible relativized process which let us able to obtain 
same results with the same outlay in the time resource as the Shor's one 
for factorizing a given number n. Then the Quantum Oracle will be a 
prototype way giving to the relativized calculus the possibility to put in 
to practice an oracle, kind of object having till now abstract nature. 

The basic physical tool of our theorization, we call Quantum State 
Selection, consists in the twin-combined measurement process through 
positive valued measure operator (POVM)[Per02], needed to provide the 
quantum oracle's answer. 

1 Basic Ideas and Necessary Common Tools 

We want calculate the factors of a given number n. This kind of task is hard 
to solve cause the great amount of time resource needed to do it. Growing 
up the number n will produce an exponential increase in the time resource of 
the process, depending by the tail of the input data. As one see, since Shor's 
algorithm was published, the quantum nature of the processes underling implies 
an exceptional decrease of time to polynomial magnitude. 

One wants to find factors of the given number n € N. The Algorithm to do 
this maybe divided in three parts: 

• first - calculate the great common divisor (a,n) between n and a ran- 
dom natural number a < n, the running time we consider is 0(n 2 ). I've 
newly noticed there are complex conventional algorithms taking time of 
0(n(log n) 2 log log n) 

• second - if a is coprime to n, then find the period r of the reminder 
function f(x) = a x mod n, so such that f(x + r) — f(x), Vx £ N, where 
the period or order is the least integer r such that y r = 1 mod n 
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• finally - if period was found and it is even, then calculate (a r / 2 ± l,n) 
giving at least one factor of n 

The total amount of time resource is of order 0(n 2 ) +x + 0{n 2 ) 1 where the order 
of the third part is been evalueted as of order 0(n 2 ), since it is calculated by 
running Euclid's algorithm one time only. Now, x represents the order due to the 
run of the finding period sub and since we know we are working conventionally 
with an hard task, we expect to find a process allowing us to compute efficiently 
this part of the Shor's algorithm. So conventionally we have x = 0(n n ) and 
quantistically we want to find x — 0(n p ), were p is any non-negative integer. 

In a modern non-original form, the Euclidean algorithm acts same as 

1 int gcd(int a, int b) { 

2 return ( b != ? gcd(b , a 7, b) : a ); 

3 } 

where a % b is the reminder of the division f and the procedure return the 
value found in the first register a if the second argument of the function cgd 
equals 0, recurse otherwise. For example, by putting a=110 and b=129, one has 
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and since a = 1 it results that 110 and 129 are coprime. 

For what follows, it is useful notice that by repeating m times the Euclidean 
algorithm, once n is fixed and keeping m < n for all n, one has a process runs 
in m ■ 0(n 2 ), hence increasing the algorithm's time resource by a multiplicative 
factor polynomial in n, or by assuming the count of m of order 0(n), we fix the 
upper bound to the order 0(n 3 ). 

Now, we show how (a r / 2 ±l, n) gives us at least one factor of n by considering 
we found, in the second stage of the algorithm, the period r being an even 
number. Let a, n G N such that a < n and (a, n) = 1, then (a r / 2 + l,n) or 
(a r / 2 — l,n) divides n. Proof. Taking into account the reminder function 

/(*) H£} one has {^} = {£} = ,,. So 

a x a r = r] mod n 
a x =rj mod n 

then subtracting member by member the two modular congruencies, it results 

a x (a r - 1) = mod n 
and finally one has a r — 1 = mod n or { a ^ } = 0. Since r is odd and 
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a r — 1 = (fl2 + l)(a2 — 1), one finds 



| (ai+l)(q*-l) j =0 ^ {^}=0 or {^} = 0. 

■ 

The latter runs of order 0(n 2 ) in the time resource and it maybe executed 
at most twice per time. Stated what we shown till now if the second stage 
runs in polynomial time order we will have a process that runs in the same 
magnitude in time resource. This question has already been answered positively 
as testified in the masterpiece of paper about QC. In the next section we will 
explain briefly how Shor's algorithm acts and how can be evaluated the order 
of time complessity required by it. 

2 Quantum Part of Shor's Algorithm 

By Euclidean algorithm we found an a coprimc to n, so one can compute the 
order or the reminder function a mod n. Tacking into account the Jozsa picture 
[Joz98] and start with the state | ) | ) , since we are working with a two-register 
system, a simplified scheme for quantum procedure consists of the following 
steps: 

1. Apply the unitary operator A q such that A g \ )| ) = J2l=o I x )l )> 
where q — 2 l } being I the number of digits in use. 

2. Apply the Uj unitary transformation to the previous state second register 
to obtain the state ^ | x ) \ a x mod n ) . This task is obscure cause it 
seems evocate some kind of quantum alchemy by meaning of an 'oracle 
problem'; Shor [Sho96] refers to it as a kind of black box subroutine, whose 
code is inaccessible. Later, we will back on this argument and we'll discus 
the solution. 

3. Apply another time A q operator on the first register obtaining the state 
J2 e 2 ™ 1 ? \t)\a x mod n ), where it results t=^f. 

Now before step 3 happens, one measures the second register to keep the cor- 
responding state of the first one, and after it, one performs a measurement on 
the first register. 

Since t is measured and q is fixed, by performing the procedure, including 
the sequence of measurements, as much as it is enough to determine a t coprimc 
to q, one has by continued fraction the value of r by means of canceling the 
fraction at the second term of - = - to the lowest terms. 

r q 

A collaboration between IBM and Stanford University's researchers [ChuOl] 
has shown how this can be made using a spin system. To factorize n = 15 they 
build a system of seven qubit molecules, based upon the consideration that 
one needs four qubit (second register) to enter data about a x mod n and three 
qubit (first register) to evaluate the period. Fixing a = 11 and by interpretation 
of experimental data they found the first register in a equal mixture of states 
| ) = | ) and | 1 ) = | 4 ) , so that the period is found by the relation 
r = 2 3 /4 = 2 thus obtaining (ll 2 / 2 ± 1, 15) = 3 (+) and 5 ( _). Similarly, they 
fixed a = 7, getting an equal mixture of states | ) = | ) , |010) = |2), 
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I 1 > = I 4 ) and I 1 1 ) = I 6 ), thus it resulted r = 4 so that (7 4 / 2 ±l, 15) = 
= 3(_) and 5( + ). Further, as it has been shown by Jotza [Joz97] and Hoyer 
[Hoy97], Shor's algorithm runs in polynomial time. 

3 Period Finding in the Quantum Oracle Sys- 
tem picture 

As shown, Shor's algorithm constitutes the right way to run fast factorizing a 
given number n. But as predate before, in literature the use of oracle is obscure 
and, some times, rough. From theory of calcolability, an oracle is associated 
to a set of integer numbers, whose characteristic function is self-calculated by 
mean of relativized calculus. In other words can not exists a cognizable formal 
process evaluating all elements of the oracle, its task is just to answer about the 
presence in it of a given number or not, through interrogation by the side of 
Turing Machine. Unlike QC till now, we want a conventional relativized calculus 
that joins the needs to put in practice an object such that. 

Notation and critics to oracle subroutine 

First, one acts producing a finite superposition in the first register by means of 
Shor's algorithm step 1. Using Barenco notation [Bar95], the operator A q can 
be expressed by the matrix 

A q = H,-! /\(tf,_2,i-3)iTj-2 f\(Ul-3,l-l) A(^-3,I-2) 
1 11 

Hl- 3 /\(C7i_ 4l i-l) A(^-4,i-2) A(^-4,i-3)^-4 • • • 
1 1 1 

...Hi A(tf<M-i) f\{Uo.i-2) ■ ■ ■ A(tfo,i) f\(Uo,o)H 
11 11 

being 

^■ = 7f(i -i) ^ fe= G ,<-" ) 

referring the indexes to the corresponding qubit in the register. So, starting 
from initial first register | ) setting, one reaches the state ^2 X \ x ). The second 
register is quite untouched by this operation and now it will be left to evolve 
under the 'dedicated- like' transformation Uf. 

The task of modular exponentation, involving Uf, is conventionally the hard- 
est one in the Shor's picture and it constitutes the bottle-neck of the process 
[Sho9]. As it was anticipated, this is the obscure part of the entire process; Shor 
speaks about reversible calculus to do quantum modular exponentation, having 
in mind the fact settling 'Because of the reversibility of quantum computation, 
a deterministic computation is performable on a quantum computer only if it 
is reversible? and it progresses through a quantum version of the modular ex- 
ponentation algorithm. To criticize this step is vain, cause the absurd idea of 
making QC on a quantum computer it isn't actually possible; on the contrary, 
what's to emphasize, it is the absolute misunderstanding about what concerns 
to oracle and what concerns to the quantum machine. Since an Oracle is an 
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arbitrary entity, associated to a set of natural number which can answer yes 
or no to a belonging-question, i.e. 7 does the given number belongs to the set 
Q?\ But, if someone asks what's an oracle, we just answer that it is not a 
black-box, not a subroutine, not an formal process letting us able to know it. 
So the quantum part of the process appears only in the moment of interroga- 
tion by the side of the Turing Machine. Neither measure, nor probability, nor 
indeterminate results, the aim of this kind of quantum system is to answer the 
question letting the TM able to proceed its evolution. But while we can think 
about a quantum computer and its logical gates, as an expansion of conven- 
tional digital electronics based computer, more fast, more efficient, dissipating 
a minor amount of heat or at most heat free, the nature of this entity must be 
compared to quantum mechanics. The oracle's nature is quite different, just 
like its semantic is apart from the meaning of formal computation, nevertheless 
it can embrace the idea of determinism. Keeping away ourselves from field of 
technology which someone could claim to be quantronics, we state that what 
we could be able to employ in the quantum computers and what we want to 
do implementing the oracle entity, substantially differ, in the final stage, for the 
kind of measure used at the end of the process. In the following we will shape 
a Quantum Machine Model, we think realizable. 

Description 

A QO-System is a relativized Turing Machine whose oracle Q is a quantum 
answering system. Beyond Shor's picture, the quantum part of the QO-System 
consists in making a start state, measuring it to select a corrcnsponding mix- 
ture of the second register depending by relation between the answer and the 
first register, for what's conventionally argued by quantum theory, evaluating 
the quantum data in second register and, finally, measuring by POVM the final 
state. What one obtains, it is a inaccessible effective process, where the inac- 
cessible square with not knowable in the sense of quantum theory and effective 
with determined by initial data in the sense of theory of calcolability. 

Intuitively, the QO-System for factorization is a Turing Machine that acts 
in the following way: 

1. Given the n to factorize, calculate through Euclidean algorithm the array 
of number {en € N : (oj, n) = 1, a, < n}. This step runs of order 0(n 3 ) at 
most. 

2. Construct the initial state, in the same way it occurs in the Shor's pic- 
ture. | Q ) = J2r=i ®j=i e ~ lur \ r )l a j mod n ) is obtained acting with 
unitary operator A q on the first register such that -A 9 |0)|0)=^|r)|0) 
and with unitary transformation Uj on the second /i-registcr to obtain the 
state J2 r ®j I r ) I a i m0 °- n )• 

3. The state thus obtained is a superposition of number state and it is tele- 
POVM from the internal entity A to the external B which selecting the 
state by use of information now stored on the Turing machine's tape, will 
force, by meaning of selection of quantum state, the first register to be 

ko>. 

4. The question 'Does r belong to Q?' will be answered, setting the h 
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registers storing the f(x) into tensor product \ a r ° mod n ) caused 

by entangled relation with the first register now storing | tq ) . 

Since, at the end of step 4, the information is collapsed to the value of the 
modular function, we can read the exiting result by use of a quantum circuit, 
or maybe digital if one wants, made of NOT and XOR ports as it is illustrated 
in figure. So, if the output is set to then the answer is affirmative and the 
TM is able to evaluate the factor of n, else the process restart at step 2 putting 
another r into question to Q. 

Physical draft 

We already claimed that in our model step 2 produces a superposition more 
complex than the Shor's one. This kind superposition can be studied through 
the theory of multientanglemcnt [Lin98], but, without lose of generality, we 
intend to simplify our explanation referring it to the this simple case. 

The Step 3 lies in the mathematics of teleportation process for what's use- 
ful to our purposes. We refer to [Hug93] for what concerns the theory of 
p— ensembles and telePOVM starting point. The tclePOVM consists in the 
teleportation of a p~ ensemble by operating a POVM in the sending location. 
This fact arises on the equivalence between POVM and p— ensembles expressed 
by [Hug93], which let the sender A able to to choose the p— ensemble that will 
be received by B. 

In the present model the telePOVM process is used to bring the QO-system 
to be in the state of our interest, selecting the required state in the B loca- 
tion and, without loss of generality, we'll refer to single qubit transformation. 
So, following the scheme in [Mor99], one has an EPR pair shared by A and B 
and since we are dealing with POVM the number of results is larger than the 
dimension of the Hilbert space by the side of both sharers. 

Before we observe its registers, from step 2, the machine is found in the 
superposition 

niodn) 

r J 

so considering qubit-by-qubit the primary register | r ), we deal with a tetra- 
partite system composed by four qubit, one of those associated to the question 
and represented by the i— th one of ancilla, the other one consisting of a couple 
of entangled qubit, respectively A and B, and the z-th one of the first register 
|r>. 

The mechanic of quantum state selection is characterized by the use of two 
measure, executed on both side of the couple, once every member, respectively, 
had interacted by means of suitable unitary operators, A with the i— th qubit 
of the register to be selected and B with the i— th qubit of the ancilla, or the 
selector. The measurements are sequential, first on the A side, then on the B 
side and consists, in order, in a Bell measurements and in a PVM. This produce 
the selected number state r , we're asking for, in the first register, that sets the 
secondary register to the corresponding value of remainder function. 
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4 Conclusions 



The emerging calcolability model, based on the operation of the quantum state 
selection, gives us the possibility to put in practice a machine able to execute 
quantum algorithms, as the Shor's one. This progress could be crucial to go on 
over the algorithmic solution of Nature. On the other hand, the quantum state 
selection, whose details can be found in [CimlO], based on the laurea thesis 
"Modello Quantomeccanico ad un Numero Finito di Livelli per il Calcolatore 
Quantistico" , if will be shown experimentaly, it could constitute a feasible ad- 
vance to the theory of quantum measurements, upholding the primary role of 
entanglement. 
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